FBI urges banks to review security in the face of ATM cashout blitz

Tuesday 21 August 2018 13:09 CET | News

The Federal Bureau of Investigation (FBI) has been warning banks that cybercriminals are preparing to carry out a global fraud scheme known as an “ATM cash-out”.

Thus, criminals hack a bank or payment card processor and use cloned cards at cash machines around the world to fraudulently withdraw millions of dollars in just a few hours, according to cybersecurity expert Brian Krebs.

Organized cybercrime gangs that coordinate these attacks typically do so by hacking or phishing their way into a financial institution or payment card processor. Just prior to executing on ATM cashouts, the intruders will remove many fraud controls at the financial institution, such as maximum ATM withdrawal amounts and any limits on the number of customer ATM transactions daily. Moreover, they also modify account balances to make an unlimited amount of money available at the time of the transactions, allowing for large amounts of cash to be quickly removed from the ATM.

Virtually all ATM cashout operations are launched on weekends, often just after financial institutions begin closing for business on Saturday.

The FBI is urging banks to review how they are handling security, such as implementing strong password requirements and two-factor authentication using a physical or digital token when possible for local administrators and business critical roles, Brian Krebs concludes.

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: Federal Bureau of Investigation, FBI, online security. fraud prevention, Brian Krebs, ATM, phishing, malware
Countries: World